Android Security IT

Researchers 'Map' Android Malware Genome

yahoi writes "Researchers at NC State are sharing their analysis and classification of Android malware samples under a new project that they hope will help shape a new way of fighting malware, learning from the lessons of the PC generation and its traditional anti-malware products. Xuxian Jiang, the mastermind behind the Android Malware Genome Project, says defenses against this malware today are hampered by the lack of efficient access to samples (PDF), as well as a limited understanding of the various malware families targeting the Android. The goal is to establish a better way of sharing malware samples and analysis, and developing better tools to fight it, he says."

  • by Anonymous Coward on Tuesday May 22, 2012 @06:42PM (#40081981)

    Remember how Slashdot spent 10+ years mocking Windows for being a malware-laden cesspool of unremovable OEM junkware with an antivirus industry built around it? Embarrassed yet?

    • Lemme guess (Score:4, Funny)

      by Taco Cowboy ( 5327 ) on Tuesday May 22, 2012 @06:46PM (#40082007) Journal

      The malware genome points to Java ?

    • " help shape a new way of fighting malware, learning from the lessons of the PC generation and its traditional anti-malware products. "

      "Remember how Slashdot spent 10+ years mocking Windows for being a malware-laden cesspool of unremovable OEM junkware with an antivirus industry built around it?"

      Yep, came here to basically say the same thing. I can't believe my phone would need a virus scanner. What's next? Android Security Essentials 2012?

    • Oh, we're not done with that one yet.
    • by Anonymous Coward

      Remember how Slashdot spent 10+ years mocking Windows for being a malware-laden cesspool of unremovable OEM junkware with an antivirus industry built around it? Embarrassed yet?

      Did something change? Windows is still the cesspool of malware and virus laden applications and it's responsible for most of the world's SPAM. It's also the preferred OS of Bots. It's so full of holes they need to release patches for it every week just to keep up with all of the zero days found.

      • Remember how Slashdot spent 10+ years mocking Windows for being a malware-laden cesspool of unremovable OEM junkware with an antivirus industry built around it? Embarrassed yet?

        Did something change? Windows is still the cesspool of malware and virus laden applications and it's responsible for most of the world's SPAM. It's also the preferred OS of Bots. It's so full of holes they need to release patches for it every week just to keep up with all of the zero days found.

        All because Windows has over 90% market share.

        If OSX or Linux had the same market share, then they'd see the vast majority of malware instead.

  • the size of a Windows map?

    In fact, I don't think there's a super computer capable of mapping it.

  • by grantspassalan ( 2531078 ) on Tuesday May 22, 2012 @07:22PM (#40082211)

    Why is it that there is no malware for IOS? There are millions of these devices out there, so there certainly is an incentive for malware writers.

    I believe that it has something to do with the fact that only Apple approved and checked software can be installed thereon. This closed system may not appeal to many here on /., but it is certainly as close as we have gotten to a malware proof computing experience we are likely to get anytime soon. Mac users will be able to enjoy this form of security with OS X 10.8 this summer.

    • by Charliemopps ( 1157495 ) on Tuesday May 22, 2012 @07:35PM (#40082315)
      Apple is using that same control to prevent you from scanning for viruses...

      http://www.forbes.com/sites/timworstall/2012/05/22/apple-wont-let-kaspersky-develop-tools-for-ios/
      • So what, if there are no viruses, why does anybody have to scan for them? The only ones being harmed by Apple's business model of this closed system, are the developers of antivirus software. In the new OS X 10.8 OS, users who desperately want to install any software whatsoever, including a virus or Trojan, can still deliberately do so.

      • Re: (Score:3, Insightful)

        The level of access that an antivirus program needs is the level of access that a virus needs. Apple's not giving that to the would-be malware creators either.

        Besides, an antivirus program for iOS makes no sense because there aren't any such things to protect against.

    • by causality ( 777677 ) on Tuesday May 22, 2012 @07:39PM (#40082343)

      Why is it that there is no malware for IOS? There are millions of these devices out there, so there certainly is an incentive for malware writers.

      I believe that it has something to do with the fact that only Apple approved and checked software can be installed thereon. This closed system may not appeal to many here on /., but it is certainly as close as we have gotten to a malware proof computing experience we are likely to get anytime soon. Mac users will be able to enjoy this form of security with OS X 10.8 this summer.

      Many people need to play in the approved sandbox or else they'll stumble and hurt themselves. Others know what they're doing and understand the security implications of actions they take so they don't need Big Daddy Apple watching over them (and would in fact find that restrictive/suffocating).

      If you're willing to learn and attain your own understanding you will find that much more information than you would ever need is freely available. Then you achieve independence and freedom. You can then do what you like with equipment that's truly yours. If all of that is "too hard" and you prefer to use a machine for years without ever really grasping the principles behind it, then you are likely to be controlled by somebody: either a relatively benevolent vendor or a malware author. The former wants the money you choose to give to it; the latter will take everything it can.

      There isn't a One True Way. The only real mistake is to wrongly assume you are in a given category when you are not. For Joe Sixpack users who do not enjoy discovering and learning new things, the Apple method has a lot of advantages. If its widespread use makes it harder for criminals to make a profit, that benefits the rest of us as well.

      • by __aaltlg1547 ( 2541114 ) on Tuesday May 22, 2012 @10:15PM (#40083045)

        Many people need to play in the approved sandbox or else they'll stumble and hurt themselves. Others know what they're doing and understand the security implications of actions they take so they don't need Big Daddy Apple watching over them (and would in fact find that restrictive/suffocating).

        No, not many. A few. The iPhone is a consumer device. Opening it up for anybody to program and distribute whatever software they want would be of no benefit to the vast majority of users, no benefit to Apple and no benefit to the wireless providers.

        If they opened it up, they'd actually be screwing over their customers and business partners. I can't imagine a compelling argument why they should do so.

      • by ediron2 ( 246908 )

        Ratfucker slashcode just ate my comment.

        Came here to call you a pedant and point out that some of us like iphones because we already have too many other avenues for puttering; sometimes it's nice just to have a phone. Ok, a phone plus games and twitter and gps and media and email and.... but I'm ok that my 4s is NOT where I focus my hackerly urges. I don't have time for all the projects queued up in my home office (or as my wife calls it, that "damn mountain of electronics"). Lost my orig. comment tryin

      • by Deorus ( 811828 )

        Your train of thought crashed as soon as you failed to realize the difference between research and production. It is perfectly OK to research one platform while using another, there is absolutely nothing wrong with that. I have developed the Linux kernel in the past and that hasn't stopped me from turning into an Apple fag. My understanding of how operating systems work does not make me want to tinker them all, quite the opposite. I am perfectly fine when things just work, that is my goal as an engineer

        • Your train of thought crashed as soon as you failed to realize the difference between research and production. It is perfectly OK to research one platform while using another, there is absolutely nothing wrong with that. I have developed the Linux kernel in the past and that hasn't stopped me from turning into an Apple fag. My understanding of how operating systems work does not make me want to tinker them all, quite the opposite. I am perfectly fine when things just work, that is my goal as an engineer.

          I was talking about users who *need* a managed experience or else they get into trouble. *Need*. I think people replying to me didn't get that part and perhaps I should have made it more clear.

          Wanting one or finding it convenient is different. If you can do serious kernel development then you are more skilled than I am, and I definitely don't need a managed experience. Yours is a genuine preference. It is not a need. That isn't what I was talking about at all and doesn't fit anything I was saying.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      There is absolute malware proof computing already: just don't install anything on your computer, disconnect it from network, in fact, just cut the power completely.

      Oh, and "there's no malware on AppStore" rather depends on your definition of malware. Sending your contact list to a third party without questions was possible until a recent update. Just junkware and scams? Check. Just google for "pokemon yellow ios", for example.

      Yes, iOS malware can't spam SMS or hang in background, but on the other hand iOS ap

    • by Lussarn ( 105276 )

      I believe that it has something to do with the fact that only Apple approved and checked software can be installed thereon. This closed system may not appeal to many here on /., but it is certainly as close as we have gotten to a malware proof computing experience we are likely to get anytime soon. Mac users will be able to enjoy this form of security with OS X 10.8 this summer.

      It is obviously a security feature to have trusted sources for your programs, there is nothing new to this, Linux has used this for the last 15 years and I can't believe Linux was the first. You have to understand that Unix was created like 40 years ago, and there is nothing technically secure about it in today's world. This is the same for Linux, BSD, OSX, Android and IOS. Most security is bolted upon it but the fact is that it probably can't be totally secured, it's not designed that way. Compare with a we

    • by tlhIngan ( 30335 )

      Why is it that there is no malware for IOS? There are millions of these devices out there, so there certainly is an incentive for malware writers.

      I believe that it has something to do with the fact that only Apple approved and checked software can be installed thereon. This closed system may not appeal to many here on /., but it is certainly as close as we have gotten to a malware proof computing experience we are likely to get anytime soon. Mac users will be able to enjoy this form of security with OS X 10

  • It comes from One Microsoft way in Redmond?
  • DARPA has a project going on this right now...it's called the "Cyber Genome" project. The idea is that you can perform a fair bit of attribution to the person/organization that wrote a piece of malware based on the characteristics of the code. It's true, as well...examination of Stuxnet, for example, made it clear that it was probably written by a highly organized team of diverse and very skilled individuals. And that's just looking at a single piece of malware; looking at things like Zeus has shown the

  • by Johann Lau ( 1040920 ) on Wednesday May 23, 2012 @03:20AM (#40084629) Homepage Journal

    Notice how one makes sense, the other doesn't:

    Researchers Map Android Malware 'Genome'

    Researchers 'Map' Android Malware Genome

  • How to get Android and Malware in the same article.
